PT-2017-2785 · Linux+5 · Linux Kernel+5

Tong Lin

+2

·

Publicado

2017-02-10

·

Atualizado

2025-09-29

·

CVE-2017-10661

CVSS v2.0

7.6

Alta

VetorAV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.10.15
Description The issue is related to a race condition in the fs/timerfd.c component of the Linux kernel, which can be exploited by local users through simultaneous file-descriptor operations. This can lead to privilege escalation or a denial of service, resulting in list corruption or use-after-free. The vulnerability is associated with improper might cancel queueing.
Recommendations For Linux kernel versions prior to 4.10.15, update to version 4.10.15 or later to resolve the issue. As a temporary workaround, consider restricting simultaneous file-descriptor operations to minimize the risk of exploitation.

Exploit

Correção

DoS

Race Condition

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362CWE-416

Identificadores relacionados

ALSA-2025_16880
ALT-PU-2017-1601
ALT-PU-2018-1991
BDU:2017-02044
CESA-2018_3083
CVE-2017-10661
DLA-1099-1
DSA-3981-1
ELSA-2017-3636
ELSA-2017-3637
ELSA-2018-3083
RHSA-2018:3083
RHSA-2018:3096
RHSA-2018_3083
RHSA-2018_3096
RHSA-2019:4057
RHSA-2019:4058
RHSA-2020:0036
SUSE-SU-2017:2525-1
SUSE-SU-2017:2694-1
SUSE-SU-2017:2908-1
SUSE-SU-2017:2920-1
SUSE-SU-2017:3265-1
SUSE-SU-2017:3286-1
SUSE-SU-2017:3287-1
SUSE-SU-2017:3288-1
SUSE-SU-2017:3289-1
SUSE-SU-2017:3290-1
SUSE-SU-2017:3291-1
SUSE-SU-2017:3292-1
SUSE-SU-2017:3293-1
SUSE-SU-2017:3296-1
SUSE-SU-2017:3299-1
SUSE-SU-2017:3301-1
SUSE-SU-2017:3302-1
SUSE-SU-2017:3303-1
SUSE-SU-2017:3304-1
SUSE-SU-2017:3305-1
SUSE-SU-2017:3306-1
SUSE-SU-2017:3308-1
SUSE-SU-2017:3309-1
SUSE-SU-2017:3310-1
SUSE-SU-2017:3312-1
SUSE-SU-2017:3313-1
SUSE-SU-2017:3316-1
SUSE-SU-2017:3318-1
SUSE-SU-2017:3320-1
SUSE-SU-2017:3321-1
SUSE-SU-2017:3322-1
SUSE-SU-2017:3323-1
SUSE-SU-2017:3332-1
SUSE-SU-2017:3336-1
SUSE-SU-2017:3337-1
SUSE-SU-2017:3340-1
SUSE-SU-2017_2525-1
SUSE-SU-2017_2908-1
SUSE-SU-2017_2920-1
SUSE-SU-2017_3265-1
SUSE-SU-2017_3287-1
SUSE-SU-2017_3289-1
SUSE-SU-2017_3293-1
SUSE-SU-2017_3299-1
SUSE-SU-2017_3301-1
SUSE-SU-2017_3302-1
SUSE-SU-2017_3303-1
SUSE-SU-2017_3304-1
SUSE-SU-2017_3305-1
SUSE-SU-2017_3308-1
SUSE-SU-2017_3309-1
SUSE-SU-2017_3312-1
SUSE-SU-2017_3313-1
SUSE-SU-2017_3316-1
SUSE-SU-2017_3318-1
SUSE-SU-2017_3320-1
SUSE-SU-2017_3321-1
SUSE-SU-2017_3322-1
SUSE-SU-2017_3323-1
SUSE-SU-2017_3332-1
SUSE-SU-2017_3336-1
SUSE-SU-2017_3337-1
SUSE-SU-2017_3340-1
USN-3470-1
USN-3470-2

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu